Re: changing local domain name




On Sat 31 Mar 2018 at 19:40:02 (+0100), Joe wrote:
> On Sat, 31 Mar 2018 10:15:48 -0500
> David Wright <deblis@xxxxxxxxxxxxxxxxx> wrote:
> 
> > On Sat 31 Mar 2018 at 12:35:08 (+0100), Joe wrote:
> 
> > 
> > > If you lease a public domain name, there is no real
> > > difficulty about using it also in a private network, just a matter
> > > of making sure that external resources using the name can also be
> > > found in local DNS or hosts files.  
> > 
> > If you could elaborate. Say I have leased example.org, currently at
> > 93.184.216.34, and apart from what's out there on the Internet I have
> > hosts foo.example.org at 192.168.1.2 and bar.example.org at
> > 192.168.1.3 with a router at 192.168.1.1. What do I need to do? For
> > simplicity, I use dhcp from the router which also has no DNS server.
> > So /etc/hosts.
> 
> Practically nothing, I'd have thought. *If* you run a local DNS server
> based on example.org, then you need to make the local machines aware
> that Internet resources are not going to be found in the local network.
> In this case, either that the DNS server has a manual entry or that all
> your machines have entries in their /etc/hosts files for
> www.example.org, on the sensible assumption that your web server is
> externally hosted.

I would have thought that it's best to avoid having any local DNS
resolving IP addresses for the external hosts because they're all
under the control of the hosting company who might change them at any
time. OTOH the local machines can be given their private addresses
by the local dhcp server which is likely to be doubling as the local
DNS server anyway. I haven't tried it as I don't have one (DNS).

If I did, my worry would be having machines like foo.example.org
with private addresses, and www.example.org on public ones. I'd
want to take a closer look at exim's documentation for example.
And would it help with overzealous smarthosts checking HELO?

> If you don't have a DNS server keeping track of your
> local machines, and in general, your workstations don't need to know
> where each other are, then a few /etc/hosts entries should be all you
> ever need. You only need the workstations to know where your servers
> are, and you may not have any servers other than your router.

I don't see how I'd do anything if I didn't know where the other
workstations are. In that sense, they're all servers. I use /etc/hosts
but I generate it from a masterfile /root/hosts-1-local-template,
with sed taking care of the two edits required (127.0.1.1 and self).

> Nothing should need to know your public IP address: if you're hosting
> any Internet-facing servers, the hosting company you're leasing
> example.org from will deal with the public DNS. 

Agreed.

> You will get a local DNS server when you acquire so many machines that
> keeping all the hosts files in sync becomes a pain. I run BIND and
> ISC-DHCP servers for the exercise, there are simpler DNS-DHCP systems.
> I do need DNS, as I run a mail server, and I've found out the hard way
> that the DNS forwarders in domestic routers aren't always up to the job.
> But in the early days of doing that, the mail server looked after its
> domains, I had only a caching nameserver in my router and the name of
> the server computer, and its 'domain' were irrelevant. My Windows
> workstations had a workgroup name, which Samba inherited when I began
> using it, but it has no connection with any of my Internet domain names.
> 
> Again, a Linux workstation has no real use for a 'domain' name,

Agreed.

> but if
> you make even trivial use of some application which is involved with
> Internet domains, such as SMTP or DNS servers, then they may need to be
> given a domain name. The Debian installer simply assumes that no harm
> will come from the existence of a domain name if it's not needed, but
> that many Debian installations do need it.

Since February, it would seem sensible for the d-i to give some
advice, now that there are recommended choices, .home/.corp/.mail.

> And no, I've never tried changing one, as I've always used one of my
> email domains, which has not changed in twenty years. As a comparison,
> if you need to change the domain name of a Windows server, you literally
> need to reinstall it, as the name is used so widely in its registry and
> its Active Directory. There is no method of changing it which is
> supported by Microsoft.

Is there anything in Windows that's orthogonal? I've had no difficulty
changing domain names in the past (in Linux). The only difficulty with
having an empty name for the domain is that there's nothing to grep.
Mind you, grepping home anywhere in Linux can be painful. Perhaps .corp
is the best choice: I get very few hits from    grep -r corp /etc
and most of them are from my /etc/hosts, in the ad-exterminating part.

Cheers,
David.
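
The concern raised in this message, that /etc/hosts entries for externally hosted names can go stale when the hosting company renumbers, can be checked mechanically. The following is an added example, not part of the original message: it parses a hosts file and separates names under the leased domain that point at LAN addresses from those pinned to public addresses. The function names are hypothetical, and the sample file is constructed from the addresses quoted in the thread plus two invented lines (router.example.org and the ad-blocking entry).

```python
import ipaddress

# Constructed sample hosts file; addresses taken from the thread.
SAMPLE_HOSTS = """\
127.0.0.1       localhost
127.0.1.1       foo.example.org foo
192.168.1.1     router.example.org router
192.168.1.2     foo.example.org foo
192.168.1.3     bar.example.org bar   # second workstation
93.184.216.34   www.example.org       # externally hosted web server
0.0.0.0         ads.tracker.invalid
"""

def parse_hosts(text):
    """Yield (address, [names]) for each usable line of a hosts file."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                           # skip malformed address
        if len(fields) > 1:
            yield addr, fields[1:]

def in_domain(name, domain):
    """True if name is the domain itself or a host beneath it."""
    name = name.lower().rstrip(".")
    domain = domain.lower().rstrip(".")
    return name == domain or name.endswith("." + domain)

def classify(text, domain):
    """Split names in `domain` into LAN-addressed and publicly pinned."""
    local, pinned = {}, {}
    for addr, names in parse_hosts(text):
        if addr.is_loopback or addr.is_unspecified:
            continue                           # 127.x and 0.0.0.0 sinkholes
        for name in names:
            if not in_domain(name, domain):
                continue
            # is_global: publicly routable, so controlled by the hosting company
            target = pinned if addr.is_global else local
            target.setdefault(name.lower(), []).append(str(addr))
    return local, pinned

if __name__ == "__main__":
    local, pinned = classify(SAMPLE_HOSTS, "example.org")
    for name, addrs in sorted(pinned.items()):
        print(f"pinned public address, may go stale: {name} -> {', '.join(addrs)}")
```

Names reported as pinned are the ones to compare against the public DNS periodically, or to drop from the hosts file so they resolve normally.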